xerces-j2-2.7.1-12.6.AXS4
エラータID: AXSA:2013-718:01
Release date:
Friday, December 6, 2013 - 13:31
Subject:
xerces-j2-2.7.1-12.6.AXS4
Affected Channels:
Asianux Server 4 for x86_64
Asianux Server 4 for x86
Severity:
High
Description:
The xerces-j2 packages provide the Apache Xerces2 Java Parser, a high-performance XML parser. A Document Type Definition (DTD) defines the legal syntax (and also which elements can be used) for certain types of files, such as XML files.
Security issues fixed wih this release:
• CVE-2009-2625
XMLScanner.java in Apache Xerces2 Java, as used in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 15 and JDK and JRE 5.0 before Update 20, and in other products, allows remote attackers to cause a denial of service (infinite loop and application hang) via malformed XML input, as demonstrated by the Codenomicon XML fuzzing framework.
Solution:
Update packages.
CVEs:
CVE-2009-2625
XMLScanner.java in Apache Xerces2 Java, as used in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 15 and JDK and JRE 5.0 before Update 20, and in other products, allows remote attackers to cause a denial of service (infinite loop and application hang) via malformed XML input, as demonstrated by the Codenomicon XML fuzzing framework.
XMLScanner.java in Apache Xerces2 Java, as used in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 15 and JDK and JRE 5.0 before Update 20, and in other products, allows remote attackers to cause a denial of service (infinite loop and application hang) via malformed XML input, as demonstrated by the Codenomicon XML fuzzing framework.
Additional Info:
From Asianux Server 4 SP3.
Download:
SRPMS
- xerces-j2-2.7.1-12.6.AXS4.src.rpm
MD5: d5e6ad40911e201bd7173897bc88b0e4
SHA-256: bccc514b4961f81ab854abf13bfb7c00ac664b48bc17aa205dd79a6b9ed87485
Size: 1.63 MB
Asianux Server 4 for x86
- xerces-j2-2.7.1-12.6.AXS4.i686.rpm
MD5: e722c6a25e405d31ebeb37160531b976
SHA-256: 9c8ea914f01fb03cd9cbd25d28d895c62dbda9aa88963dc18cfb4a7cbf5ac478
Size: 2.22 MB
Asianux Server 4 for x86_64
- xerces-j2-2.7.1-12.6.AXS4.x86_64.rpm
MD5: 4315612cb8ee2757cb30e48c32317c84
SHA-256: c3ffb1bb7c2a0ede53dcc4bbf40c75b5a5548cdbe072038053f3dfbd633846f9
Size: 2.52 MB